X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=admin_options.php;h=9448ef788424a6a7aed26388f7755fb198ee9d64;hb=43eb48ca4e8f40bd43280a9e8df2f5e750f71804;hp=14cb3f54c54b60018873077eed44e76ddc13ac4b;hpb=7ca15b5853146dd809f2ad3f5b2e1d9dab4f8dd4;p=timetracker.git

diff --git a/admin_options.php b/admin_options.php
index 14cb3f54..9448ef78 100644
--- a/admin_options.php
+++ b/admin_options.php
@@ -29,12 +29,14 @@
 require_once('initialize.php');
 import('form.Form');
 import('ttUserHelper');
+import('ttAdmin');
 
 // Access check.
 if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
+// End of access checks.
 
 if ($request->isPost()) {
   $cl_name = trim($request->getParameter('name'));
@@ -58,28 +60,40 @@ if (!$auth->isPasswordExternal()) {
   $form->addInput(array('type'=>'password','maxlength'=>'30','name'=>'password2','value'=>$cl_password2));
 }
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'email','value'=>$cl_email));
-$form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.submit')));
+$form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.submit')));
 
 if ($request->isPost()) {
-  // Create fields array for ttAdmin instance.
-  $fields = array(
-    'name' => $cl_name,
+  // Validate user input.
+  if (!ttValidString($cl_name))
+    $err->add($i18n->get('error.field'), $i18n->get('label.person_name'));
+  if (!ttValidString($cl_login))
+    $err->add($i18n->get('error.field'), $i18n->get('label.login'));
+  // If we change login, it must be unique.
+  if ($cl_login != $user->login && ttUserHelper::getUserByLogin($cl_login))
+    $err->add($i18n->get('error.user_exists'));
+  if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
+      if (!ttValidString($cl_password1))
+        $err->add($i18n->get('error.field'), $i18n->get('label.password'));
+      if (!ttValidString($cl_password2))
+        $err->add($i18n->get('error.field'), $i18n->get('label.confirm_password'));
+      if ($cl_password1 !== $cl_password2)
+        $err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
+    }
+  if (!ttValidEmail($cl_email, true))
+    $err->add($i18n->get('error.field'), $i18n->get('label.email'));
+
+  if ($err->no() && ttAdmin::updateSelf(array('name' => $cl_name,
     'login' => $cl_login,
     'password1' => $cl_password1,
     'password2' => $cl_password2,
-    'email' => $cl_email);
-
-  import('ttAdmin');
-  $admin = new ttAdmin($err);
-  $result = $admin->updateSelf($fields);
-  if ($result) {
-    header('Location: admin_teams.php');
+    'email' => $cl_email))) {
+    header('Location: admin_groups.php');
     exit();
   }
 } // isPost
 
 $smarty->assign('auth_external', $auth->isPasswordExternal());
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
-$smarty->assign('title', $i18n->getKey('title.options'));
+$smarty->assign('title', $i18n->get('title.options'));
 $smarty->assign('content_page_name', 'admin_options.tpl');
 $smarty->display('index.tpl');